Skip to content

Commit

Permalink
AWS App Runner Update: This release adds support of securely referenc…
Browse files Browse the repository at this point in the history 
…ing secrets and configuration data that are stored in Secrets Manager and SSM Parameter Store by adding them as environment secrets in your App Runner service.
  • Loading branch information
AWS committed Jan 5, 2023
1 parent 3471acc commit 49feee5
Show file tree
Hide file tree
Showing 4 changed files with 77 additions and 46 deletions.
6 changes: 6 additions & 0 deletions .changes/next-release/feature-AWSAppRunner-1405742.json
View file
@@ -0,0 +1,6 @@
{
"type": "feature",
"category": "AWS App Runner",
"contributor": "",
"description": "This release adds support of securely referencing secrets and configuration data that are stored in Secrets Manager and SSM Parameter Store by adding them as environment secrets in your App Runner service."
}
2 changes: 1 addition & 1 deletion services/apprunner/src/main/resources/codegen-resources/endpoint-rule-set.json
View file
Expand Up @@ -3,7 +3,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
"required": false,
"required": true,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
Expand Down
86 changes: 43 additions & 43 deletions services/apprunner/src/main/resources/codegen-resources/endpoint-tests.json
View file
Expand Up @@ -8,9 +8,9 @@
}
},
"params": {
"Region": "us-west-2",
"UseFIPS": true,
"UseDualStack": true,
"Region": "us-west-2"
"UseDualStack": true
}
},
{
Expand All @@ -21,9 +21,9 @@
}
},
"params": {
"Region": "us-west-2",
"UseFIPS": true,
"UseDualStack": false,
"Region": "us-west-2"
"UseDualStack": false
}
},
{
Expand All @@ -34,9 +34,9 @@
}
},
"params": {
"Region": "us-west-2",
"UseFIPS": false,
"UseDualStack": true,
"Region": "us-west-2"
"UseDualStack": true
}
},
{
Expand All @@ -47,9 +47,9 @@
}
},
"params": {
"Region": "us-west-2",
"UseFIPS": false,
"UseDualStack": false,
"Region": "us-west-2"
"UseDualStack": false
}
},
{
Expand All @@ -60,9 +60,9 @@
}
},
"params": {
"Region": "eu-west-1",
"UseFIPS": true,
"UseDualStack": true,
"Region": "eu-west-1"
"UseDualStack": true
}
},
{
Expand All @@ -73,9 +73,9 @@
}
},
"params": {
"Region": "eu-west-1",
"UseFIPS": true,
"UseDualStack": false,
"Region": "eu-west-1"
"UseDualStack": false
}
},
{
Expand All @@ -86,9 +86,9 @@
}
},
"params": {
"Region": "eu-west-1",
"UseFIPS": false,
"UseDualStack": true,
"Region": "eu-west-1"
"UseDualStack": true
}
},
{
Expand All @@ -99,9 +99,9 @@
}
},
"params": {
"Region": "eu-west-1",
"UseFIPS": false,
"UseDualStack": false,
"Region": "eu-west-1"
"UseDualStack": false
}
},
{
Expand All @@ -112,9 +112,9 @@
}
},
"params": {
"Region": "ap-northeast-1",
"UseFIPS": true,
"UseDualStack": true,
"Region": "ap-northeast-1"
"UseDualStack": true
}
},
{
Expand All @@ -125,9 +125,9 @@
}
},
"params": {
"Region": "ap-northeast-1",
"UseFIPS": true,
"UseDualStack": false,
"Region": "ap-northeast-1"
"UseDualStack": false
}
},
{
Expand All @@ -138,9 +138,9 @@
}
},
"params": {
"Region": "ap-northeast-1",
"UseFIPS": false,
"UseDualStack": true,
"Region": "ap-northeast-1"
"UseDualStack": true
}
},
{
Expand All @@ -151,9 +151,9 @@
}
},
"params": {
"Region": "ap-northeast-1",
"UseFIPS": false,
"UseDualStack": false,
"Region": "ap-northeast-1"
"UseDualStack": false
}
},
{
Expand All @@ -164,9 +164,9 @@
}
},
"params": {
"Region": "us-east-1",
"UseFIPS": true,
"UseDualStack": true,
"Region": "us-east-1"
"UseDualStack": true
}
},
{
Expand All @@ -177,9 +177,9 @@
}
},
"params": {
"Region": "us-east-1",
"UseFIPS": true,
"UseDualStack": false,
"Region": "us-east-1"
"UseDualStack": false
}
},
{
Expand All @@ -190,9 +190,9 @@
}
},
"params": {
"Region": "us-east-1",
"UseFIPS": false,
"UseDualStack": true,
"Region": "us-east-1"
"UseDualStack": true
}
},
{
Expand All @@ -203,9 +203,9 @@
}
},
"params": {
"Region": "us-east-1",
"UseFIPS": false,
"UseDualStack": false,
"Region": "us-east-1"
"UseDualStack": false
}
},
{
Expand All @@ -216,9 +216,9 @@
}
},
"params": {
"Region": "us-east-2",
"UseFIPS": true,
"UseDualStack": true,
"Region": "us-east-2"
"UseDualStack": true
}
},
{
Expand All @@ -229,9 +229,9 @@
}
},
"params": {
"Region": "us-east-2",
"UseFIPS": true,
"UseDualStack": false,
"Region": "us-east-2"
"UseDualStack": false
}
},
{
Expand All @@ -242,9 +242,9 @@
}
},
"params": {
"Region": "us-east-2",
"UseFIPS": false,
"UseDualStack": true,
"Region": "us-east-2"
"UseDualStack": true
}
},
{
Expand All @@ -255,9 +255,9 @@
}
},
"params": {
"Region": "us-east-2",
"UseFIPS": false,
"UseDualStack": false,
"Region": "us-east-2"
"UseDualStack": false
}
},
{
Expand All @@ -268,9 +268,9 @@
}
},
"params": {
"Region": "us-east-1",
"UseFIPS": false,
"UseDualStack": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
Expand All @@ -280,9 +280,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
"Region": "us-east-1",
"UseFIPS": true,
"UseDualStack": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
Expand All @@ -292,9 +292,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
"Region": "us-east-1",
"UseFIPS": false,
"UseDualStack": true,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
}
Expand Down
29 changes: 27 additions & 2 deletions services/apprunner/src/main/resources/codegen-resources/service-2.json
View file
Expand Up @@ -786,7 +786,11 @@
},
"RuntimeEnvironmentVariables":{
"shape":"RuntimeEnvironmentVariables",
"documentation":"<p>The environment variables that are available to your running App Runner service. An array of key-value pairs. Keys with a prefix of <code>AWSAPPRUNNER</code> are reserved for system use and aren't valid.</p>"
"documentation":"<p>The environment variables that are available to your running App Runner service. An array of key-value pairs.</p>"
},
"RuntimeEnvironmentSecrets":{
"shape":"RuntimeEnvironmentSecrets",
"documentation":"<p>An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store.</p> <note> <ul> <li> <p> If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Amazon Web Services Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified. </p> </li> <li> <p> Currently, cross account referencing of Amazon Web Services Systems Manager Parameter Store parameter is not supported. </p> </li> </ul> </note>"
}
},
"documentation":"<p>Describes the basic configuration needed for building and running an App Runner service. This type doesn't support the full set of possible configuration options. Fur full configuration capabilities, use a <code>apprunner.yaml</code> file in the source code repository.</p>"
Expand Down Expand Up @@ -1606,7 +1610,7 @@
"members":{
"RuntimeEnvironmentVariables":{
"shape":"RuntimeEnvironmentVariables",
"documentation":"<p>Environment variables that are available to your running App Runner service. An array of key-value pairs. Keys with a prefix of <code>AWSAPPRUNNER</code> are reserved for system use and aren't valid.</p>"
"documentation":"<p>Environment variables that are available to your running App Runner service. An array of key-value pairs.</p>"
},
"StartCommand":{
"shape":"StartCommand",
Expand All @@ -1615,6 +1619,10 @@
"Port":{
"shape":"String",
"documentation":"<p>The port that your application listens to in the container.</p> <p>Default: <code>8080</code> </p>"
},
"RuntimeEnvironmentSecrets":{
"shape":"RuntimeEnvironmentSecrets",
"documentation":"<p>An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store.</p> <note> <ul> <li> <p> If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Amazon Web Services Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified. </p> </li> <li> <p> Currently, cross account referencing of Amazon Web Services Systems Manager Parameter Store parameter is not supported. </p> </li> </ul> </note>"
}
},
"documentation":"<p>Describes the configuration that App Runner uses to run an App Runner service using an image pulled from a source image repository.</p>"
Expand Down Expand Up @@ -2229,6 +2237,23 @@
"RUBY_31"
]
},
"RuntimeEnvironmentSecrets":{
"type":"map",
"key":{"shape":"RuntimeEnvironmentSecretsName"},
"value":{"shape":"RuntimeEnvironmentSecretsValue"}
},
"RuntimeEnvironmentSecretsName":{
"type":"string",
"max":2048,
"min":1,
"sensitive":true
},
"RuntimeEnvironmentSecretsValue":{
"type":"string",
"max":2048,
"min":1,
"sensitive":true
},
"RuntimeEnvironmentVariables":{
"type":"map",
"key":{"shape":"RuntimeEnvironmentVariablesKey"},
Expand Down

0 comments on commit 49feee5

Please sign in to comment.